Summary
Overview
Work History
Education
Skills
Timeline
Generic

Sandra Ehio

Summary

As a seasoned compliance and risk management specialist, I excel in monitoring, documenting, and elucidating regulatory mandates. My steadfast dedication to upholding industry standards and spearheading process optimization sets me apart. Boasting over half a decade of hands-on experience, I infuse my work with a dynamic passion and cutting-edge methodologies, consistently delivering unparalleled outcomes.

Overview

11
11
years of professional experience

Work History

Risk Analyst

USAA
02.2021 - 03.2023
  • Leveraged advanced risk management tools to support USAA's business line, streamlining the process of risk detection, quantification, and consolidation.
  • Managed and resolved issues efficiently using ServiceNow and JIRA, ensuring timely ticket tracking and remediation.
  • Engaged with core business stakeholders, utilizing tools like Tableau and Power BI for stress test planning and result analysis, which paved the way for robust contingency strategies. Counseled executive leadership on strategic policy frameworks using RiskMetrics, aiming to mitigate liabilities and avert potential losses.
  • Crafted AD-HOC strategies, showcasing flexibility and adaptability with tools like SAS and MATLAB to address evolving risk scenarios.
  • Articulated risk evaluation outcomes to governance panels, business process proprietors, and leadership tiers using clear visualization tools and presentations.

Compliance and Risk Analyst

Equifax
05.2020 - 01.2021
  • Developed improvement and corrective action plans, ensuring compliance with FedRamp requirements and enhancing control measures.
  • Streamlined research processes, meeting tight project deadlines and optimizing efficiency.
  • Collaborated with suppliers to ensure Equifax servers were in compliance with regulatory standards.
  • Led the front-line efforts in conducting a successful FedRamp Audit, demonstrating a thorough understanding of assessor's requirements.
  • Updated AHA features, aligning them with the evolving business needs.
  • Maintained up-to-date knowledge of regulatory standards and company procedures, ensuring continuous compliance.
  • Coordinated remediation and server patching activities, bolstering the security controls and minimizing vulnerabilities.
  • Employed ServiceNow to curate and produce precise TVM (Threat and Vulnerability Management) analytics.
  • Planned, modified, and executed research techniques, procedures, and tests, contributing to effective risk management and mitigation.

Compliance Analyst

Wells Fargo
11.2019 - 04.2020
  • Coordinated Wells Fargo's Annual PCi audit, ensuring adherence to PCI (Payment Card Industry) standards and safeguarding sensitive customer data.
  • Collaborated with suppliers to verify and maintain compliance of Wells Fargo's servers with regulatory requirements.
  • Reviewed comprehensive audit and monitoring reports, focusing on consumer and client activities, to identify areas of improvement and ensure compliance.
  • Developed and evaluated control testing procedures, ensuring effective risk mitigation and adherence to regulatory guidelines.
  • Created and maintained Knowledge Base (KB) materials on SharePoint, providing accessible and up-to-date information for team members.
  • Coordinated scheduling for server installations, working in conjunction with security tools to minimize disruptions and maintain system integrity.
  • Facilitated evidence collection as needed, supporting audit and compliance activities.
  • Conducted audits and assessments of systems and processes to ensure the presence of regulatory and policy controls.
  • Validated incoming data, ensuring accuracy and integrity, and proactively addressing any identified concerns.
  • Streamlined research processes, enabling the team to meet tight project deadlines and deliver high-quality results.
  • Supported the team in meeting regulatory requirements by coordinating documentation and filings, ensuring timely and accurate submissions.

IT Auditor

AmerisourceBergen
11.2018 - 11.2019
  • Documented and tracked control weaknesses, providing recommendations and facilitating the remediation process to address identified issues.
  • Conducted testing of IT General Controls (ITGC) and IT Application Controls, as well as infrastructure components (databases and operating systems), using diverse audit frameworks.
  • Demonstrated knowledge of emerging technologies, such as mobile computing and cloud, and their associated risks.
  • Worked collaboratively as a part of an IT Audit Team, performing PCI DSS and HIPAA testing in regulated organizations.
  • Conducted testing to ensure compliance with Sarbanes-Oxley (SOX) regulations in public organizations and reviewed Service Organization Control (SOC) SAS 70/SSAE 16, employing COBIT and COSO frameworks.
  • Oversaw the design and development of Archer, a Governance, Risk, and Compliance (GRC) platform, to track security activities and metrics effectively.
  • Possessed extensive experience in auditing IT General Controls (ITGC), with a particular focus on access controls.
  • Executed multiple IT audits, encompassing cybersecurity, internal applications, systems under development, technology infrastructure, and specialized or emerging technologies.


Technical Business Analyst

Sears Brands LLC
07.2014 - 05.2017
  • Consulted with internal personnel to develop information systems strategies, tailoring technology purchasing and installation roadmaps to meet users' unique needs.
  • Supported new project initiatives by analyzing preliminary business needs and defining factors such as budget constraints, time management and resource planning.
  • United technological needs of all business areas to create company-wide system improvement best practices.
  • Synthesized current business intelligence data to produce reports and polished presentations, highlighting findings and recommending changes.

Implementation Specialist

Santa Rosa Consulting
02.2012 - 07.2014
  • Executed software updates and deployed the latest versions, fortifying data protection and mitigating security vulnerabilities in the Epic environment.
  • Translated intricate technical jargon into digestible insights for non-technical stakeholders, fostering enhanced comprehension and collaboration.
  • Followed up with clients to verify optimal customer satisfaction following support engagement and problem resolution.
  • Broke down and evaluated user problems, using test scripts, personal expertise and probing questions.
  • Onsite end user support.
  • Trained Physicians to configure Smart Sets, Smart Links, Order Sets, Smart Phrase tools.

Education

Bachelor of Science - Business Analytics

Texas Women University
Denton, TX
2014

Skills

  • Microsoft Products: Word, PowerPoint, Access, Advanced Excel, Visio, VLookup
  • Audit reports and Requirement Gathering
  • Policy Development
  • Documentation and Reporting
  • Stakeholder Communication
  • Regulatory compliance and documentation
  • Service Now
  • JIRA

Timeline

Risk Analyst

USAA
02.2021 - 03.2023

Compliance and Risk Analyst

Equifax
05.2020 - 01.2021

Compliance Analyst

Wells Fargo
11.2019 - 04.2020

IT Auditor

AmerisourceBergen
11.2018 - 11.2019

Technical Business Analyst

Sears Brands LLC
07.2014 - 05.2017

Implementation Specialist

Santa Rosa Consulting
02.2012 - 07.2014

Bachelor of Science - Business Analytics

Texas Women University

Similar Profiles

CREATE PROFILE
Sandra Ehio